I have read horror stories about signing malicious transactions and getting drained which encouraged me to learn more about eth on a deeper level.
A common worry I always had was if in the past I had unknowingly signed (not executed) a malicious transaction that an attacker hasn't broadcasted yet but may still use that stored signature sometime in the future. However, as I read more about how signing and transactions work I think I can stop worrying but would appreciate confirmation on my reasoning and if I am getting anything wrong from folks more educated on this topic.
If I understand correctly, every transaction requires a value called a nonce which must be 1 greater than the nonce value of your last confirmed transaction. If it is any other value then the network rejects it.
So by that logic, if I were to sign a malicious transaction that gives all my ETH to an attacker but quickly make a confirmed transaction on the network before the attacker could broadcast theirs, does that mean I would be safe? As they would get rejected for having the wrong nonce value and would require a new signature.
Also, in regards to MetaMask, they disabled 'eth_sign' by default which I believe is the only way to prompt a signature for a transaction. Does this mean that these attacks aren't possible on metamask at all anymore?
[link] [comments]
You can get bonuses upto $100 FREE BONUS when you:
π° Install these recommended apps:
π² SocialGood - 100% Crypto Back on Everyday Shopping
π² xPortal - The DeFi For The Next Billion
π² CryptoTab Browser - Lightweight, fast, and ready to mine!
π° Register on these recommended exchanges:
π‘ Binanceπ‘ Bitfinexπ‘ Bitmartπ‘ Bittrexπ‘ Bitget
π‘ CoinExπ‘ Crypto.comπ‘ Gate.ioπ‘ Huobiπ‘ Kucoin.
Comments